Thursday, April 30, 2020

How to view the list of certificates in your system's truststore (cacerts)

[Objective]: This post covers very basic of HTTPS/SSL.

In today's world, we use many HTTPS URL's and then we access multiple links from our web browsers. And we say that is secured. I know many of us have curiosity on how HTTPS is secured. And I am sure most of you have heard about CA Certificates Authority in place which takes care of this. At a very foundation level I would articulate on how to view the list of certificates in your local system which your system trusts and allows you to establish connection with other domains which are HTTPS/SSL enabled.

In detail, we would talk about HTTPS and SSL in my upcoming posts. For now, we can look at how to get the list of trusted certificates in your system. If we know how to get this list for our system. Tomorrow it would be easy to co-relate to scenarios on how we connect to external systems with HTTPS endpoints.

Step by Step Illustration:

#1 Ensure you have installed JAVA in your system. Locate cacerts in your local computer as below.

#2 Open command prompt. And browse to "cacerts" location using command prompt. This cacerts file is called truststore which contains all certificates that your machine trusts.
#3 Execute keytool command as below to view the list of certificates in cacerts.
Command: keytool -list -v -keystore cacerts
Password: changeit

#4 Once you execute it would print the list of certificates as in below screenshot.

#5 Copy the output from command prompt and paste it to your local file editors like Notepad++. And then look at the trustedCertEntry

Stay tuned. In the next posts, we will be creating "Connect REST" to connect to external service HTTPS endpoint.


1 comment:

  1. Hello Pavan, Thanks a ton for these posts. You don't know how much of a great help you have done to me!


HowToPega : All rights reserved and the contents are copyrighted to Pavan Kumar Naidu